• The Author – Bart Busschots

  

  • About
  • On Flickr
  • On YouTube
  • On Mastodon
  • On Twitter

  
  

  

  

  

  

  

• Site Search

  
  

• Site Map

  • About Bart
  • Blog
    • My Development Toolkit
    • Programming by Stealth
    • Taming the Terminal
    • Photo of the Week
    • Observer’s Log
  • Photography
  • Publications
    • Podcasts
    • Presentations
    • Software
      • HSXKPasswd – A Secure Memorable Password Generator

• Blog Categories

  • 42 (Life the Universe & Everything)
  • Computers & Tech
    • Automation
    • Security
    • Software Development
    • System Administration
  • Cooking & Food
  • History & Geography
  • My Projects
  • Photography
  • Polemics & Politics
  • Science & Astronomy

• Featured Tags

  • presentation
  • review
  • software release
  • tutorial

• Creative Commons

  Unless otherwise stated, the content on this site is licensed under Creative Commons Attribution, Noncommercial, No Derivative Works 3.0 License

  

A few weeks back I posted about how there was a major flaw in DNS and how the details were being kept secret to give everyone time to patch. I did say that it would be a matter of when this got out, and not if. When turns out to be today. Details of the flaw were accidentally published on a blog and then un-published but once information gets out onto the net it’s out. There’s no way to put that genie into the bottle. I was able to find the details of the flaw, so if I can, the bad guys certainly can!

If you haven’t done so already, go to www.doxpara.com and click the button to check your DNS server:

This week it was announced that one of the core protocols that holds the internet together is fundamentally flawed. The problem is not with someone’s implementation of the protocol, but with the actual protocol itself. It’s hard to over-state just how big a deal this is. At the moment the details of the vulnerability are being kept secret to give the world time to patch, but you can get some technical information from the advisory issued by the US Cert. On Tuesday all the major DNS server vendors released patches at the same time. This is un-heard of, nothing like this has ever happened before in the history of the internet. That alone should bring home just how big this is.

Although the good-guys have successfully kept the details of the flaw secret to date, despite the large numbers of organisations involved, the reality is that the bad guys are frantically trying to figure this out as I type. It’s not a matter of if they’ll figure it out, but when. The security community have bought us time. That time should not be squandered, but used to protect the internet as a whole, and to protect ourselves.

Internet, Security, DNS, Critical Vulnerability

Read more

Tagged with: DNS • vulnerability

Although it is true that some Trojans use vulnerabilities like the current ARDAgent vulnerability to gain root access, they do not need to. The core message about Trojans is getting lost amidst all the talk about plugging this vulnerability. Even if there was not a single vulnerability in OS X we would be at the mercy of Trojans. That’s the whole point of Trojans. Any program you run can do anything you can do. Let’s think about that for a moment, what can you do on your system without needing a password? Here’s a short list for starters:

• You can run programs.
• You can read, edit, and delete files
• You can use the network
• You can set programs to auto-start each time you log in

Remember, a Trojan is just an ordinary program that pretends to do something you want, but actually does something else. It could delete all your files. It could run a key logger and phone home with your credit card number, user names and passwords, bank details etc.. It could use your machine to send spam. It can set itself to automatically run each time you log in and continue with it’s nefarious actions. It can do all this WITHOUT the need to exploit a single vulnerability in your OS or your software. If you can do it, a Trojan can. Think about that for a second, it’s not a comforting thought!

[tags]security, OS X, Mac, Trojan[/tags]

Read more

Tagged with: trojan • malware

Note: This article was written for, and first published on, the International Mac Podcast blog.

It’s being reported this week that there is a Trojan Horse in the wild that’s targeted at Mac OS X (both Tiger and Leopard). This is quite a nasty beast which basically gives the attacker total control of your computer. This gives them access to all your files and allows for them to snoop on everything you do and hence collect sensitive data like banking details and credit card numbers. If you run Mac OS X this should concern you. However, there is no need to panic and lose sight of the realities of the situation. This is not a virus or a worm, it’s a Trojan. What’s the difference? Viruses and Worms spread from machine to machine, often without any need for any interaction on the user’s part, Trojans on the other hand have to be installed by the user. They work by pretending to be a legitimate program which an un-suspecting user then installs. They get their name because in many ways they are the digital equivalent of the wooden horse of Troy.

[tags]security, Trojan, OS X, Apple[/tags]

Read more

Tagged with: malware • OS X • trojan

I’ve been recommending FireFox for years now. In fact, I’ve been using it as my primary browser since it was called FireBird. It has been a more secure and a more feature-rich choice for years. (If you’re interested in the security aspects then you might enjoy reading a recent article I wrote for the International Mac Podcast blog comparing Safari and FireFox from a security point of view.) What got me hooked on FireBird was it’s plugin architecture. The idea of being able to customise my browser really appealed to me and as FireBird has grown into FireFox the list of available plugins has grown too. No other browser is as expandable as FireFox. If you can think of it, the chances are someone’s written a plugin for it!

However, FireFox has long suffered from two major shortcomings, memory leaks you could pilot a large ship through, and a non-native look. FireFox has been chewing up insane amounts of RAM for years, and has always looked like a fish out of water, particularly on OS X. These two problems are both fixed in FireFox 3 and if that was all they’d done I’d be recommending it highly, but they’ve done much more.

[tags]internet, browser, FireFox, FireFox 3[/tags]

Read more

Tagged with: review • software • Windows • open source • Linux • web browser • OS X

A few months back I posted the news that Microsoft were going to shut down the servers that make their old MSN Music DRM work. This would have killed the DRM so that music people bought would stop working the next time they upgraded their OS or their computer. Today the news is out that MS have delayed the shut down for at least three years. This is obviously good news for the poor unfortunates who bought music form MS, but it doesn’t get around the core problem that DRM is a fundamentally flawed concept. You never actually own music that you buy that’s encumbered by DRM, you are just renting it for an un-known length of time. If you’re lucky you get to keep it for a few decades, if you’re not, just a few years!

[tags]DRM, Microsoft[/tags]

The details released by Apple are sparse at best, but we know that the next version of OS X (10.6) will be called Snow Leopard. The name is very fitting precisely because it’s so similar to the current OS name, Leopard. Snow Leopard won’t be wedged full of new end-user features like Leopard was, instead the big changes will be under the hood, with a strong focus on efficiency and stability. This release would appear to be about consolidating what’s in Leopard already as well as laying the foundations for future big cats from Apple.

[tags]OS X, Apple, Mac, Snow Leopard[/tags]

Read more

Tagged with: Apple • OS X • review • operating system

Allison kindly got me a review copy of Bokeh so that we can talk about it on the NosillaCast tomorrow. To help me get my thoughts in order I’ve decided to do a review here too. I’ve said it before and I’ll say it again, I just love small single-purpose apps. I don’t want a disk, RAM, and CPU hog that will do 500 things, only 20 of which I will ever use. Instead, I’d prefer 20 small dedicated apps that do just one thing, but do it well. Bokeh very much follows this philosophy. It has one function in life, to reclaim CPU cycles when you need that bit of extra grunt. It does this by allowing you to pause apps. Clearly you can get by without it this app, if you really need all your power for a single app then just quit every other app and you’ve got running and you’ll get the self-same effect. The problems is, you then have to re-open all those other apps when you’re done. If you’re anything like me, you were probably in the middle of about five different tasks in about twenty different apps, and getting back to where you were will be a lot of hassle. It would be much easier to just pause the apps rather than quitting them, enter Bokeh!

[tags]Bokeh, review, shareware, Mac, OS X[/tags]

Read more

Tagged with: OS X • review • software • utility

Another WWDC Steve-Note has come and gone, and my predictions were right in some ways, and totally wrong in others. I’d expected the keynote to be iPhone heavy, but not iPhone only! The fact that OS X 10.6 got no more than a passing mention is a little disappointing. As expected, we got to see lots of cool demos of apps for the App Store, as well as a demo of the new features in the new iPhone 2.0 software. The biggest surprise there was how cheap the new software will be for iPod Touch owners, just $9.95! Unsurprisingly, half the planet was right about there being a 3G iPhone, however I’m pleased to have been wrong about GPS. Mobile Me is roughly what I’d expected, but not all I’d hoped for, the lack if iDisk access from the iPhone is disappointing. The continued lack of any sort of access to files for iPhone apps limits what developers can do with the SDK. Un-surprisingly we didn’t get a BlueTooth keyboard for the iPhone, or a Mac Tablet. The biggest disappointment of all is that iPhone 2.0 software still seems to be missing basic text-manipulation functions like select, cut, copy & paste, and that Notes on the iPhone still don’t seem to sync to anywhere.

[tags]Apple, Steve Jobs, WWDC 2008, WWDC, iPhone, Mobile Me[/tags]

Read more

Tagged with: Apple • review • media event

Since upgrading to OS X 10.5.3 iTunes has developed a very annoying bug. When I’m in work I cannot download podcasts. Every time I do iTunes quits unexpectedly. Happens 100% of the time, without fail. At home, it works perfectly. The only difference I can see is that at work I use both a Proxy server and a VPN to get to the internet. It would seem that iTunes can’t deal with that setup anymore on 10.5.3. No solution found as of yet, if I find one I’ll post again.

[tags]Apple, OS X, Leopard, 10.5.3, iTunes, crash[/tags]

Tagged with: Apple • OS X • iTunes • software • operating system

« go back — keep looking »